Executive Summary
| Summary | |
|---|---|
| Title | Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20110914-cusm | First vendor Publication | 2011-07-07 |
| Vendor | Cisco | Last vendor Modification | 2011-09-14 |
| Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Two vulnerabilities exist in Cisco Unified Service Monitor and Cisco Unified Operations Manager software that could allow an unauthenticated, remote attacker to execute arbitrary code on affected servers. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities. |
Original Source
| Url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9 (...) |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 77172 | Cisco Multiple Products brstart.exe SMARTS Request sm_read_string_length Valu... |
| 75442 | Cisco Multiple Products brstart.exe add_dm Request Parsing Remote Overflow |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2011-09-29 | IAVM : 2011-A-0132 - Remote Code Execution Vulnerability in Cisco Products Severity : Category I - VMSKEY : V0030269 |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2011-10-13 | Name : The monitoring application hosted on the remote web server has multiple vulne... File : cisco_uom_8_6.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 10:22:01 |
|
| 2013-11-11 12:37:30 |
|
| 2013-05-11 00:42:42 |
|
